# create a new bodhi-backend system
#
# This group makes bodhi-backend servers.
# They are used by releng to push updates with bodhi.
# They also run some misc releng scripts.
#

- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=bodhi_backend:bodhi_backend_stg"

# Once the instance exists, configure it.

- name: make bodhi-backend server system
  hosts: bodhi_backend:bodhi_backend_stg
  user: root
  gather_facts: True

  vars_files:
  - /srv/web/infra/ansible/vars/global.yml
  - "/srv/web/infra/ansible/vars/all/RelEngFrozen.yaml"
  - "/srv/web/infra/ansible/vars/all/00-FedoraCycleNumber.yaml"
  - "/srv/web/infra/ansible/vars/all/FedoraBranched.yaml"
  - "/srv/web/infra/ansible/vars/all/FedoraBranchedNumber.yaml"
  - "/srv/web/infra/ansible/vars/all/FedoraRawhideNumber.yaml"
  - "/srv/private/ansible/vars.yml"
  - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  pre_tasks:
  - include_vars: dir=/srv/web/infra/ansible/vars/all/ ignore_files=README
  - import_tasks: "{{ tasks_path }}/yumrepos.yml"

  roles:
  - base
  - nagios_client
  - collectd/base
  - hosts
  - ipa/client
  - sudo
  - rkhunter

  - role: nfs/client
    mnt_dir: '/mnt/fedora_koji'
    nfs_src_dir: 'fedora_koji'

  - bodhi2/backend

  - role: nfs/client
    mnt_dir: '/mnt/koji/ostree'
    nfs_src_dir: 'fedora_ostree_content/ostree'
    when: env != 'staging'

  - role: nfs/client
    mnt_dir: '/mnt/koji/compose/ostree'
    nfs_src_dir: 'fedora_ostree_content/compose/ostree'
    when: env != 'staging'

  - role: nfs/client
    mnt_dir: '/mnt/koji/ostree'
    nfs_src_dir: 'fedora_ostree_content-stg/ostree'
    when: env == 'staging'

  - role: nfs/client
    mnt_dir: '/mnt/koji/compose/ostree'
    nfs_src_dir: 'fedora_ostree_content_stg/compose/ostree'
    when: env == 'staging'

    # In staging, we mount fedora_koji as read only (see nfs_mount_opts)
  - role: nfs/client
    mnt_dir: '/mnt/fedora_koji_prod'
    nfs_src_dir: 'fedora_koji'
    when: env == 'staging'

  - role: nfs/client
    mnt_dir: '/pub/'
    nfs_src_dir: 'fedora_ftp/fedora.redhat.com/pub/'

  - role: nfs/client
    mnt_dir: '/pub/archive'
    nfs_src_dir: 'fedora_ftp_archive'

  - role: keytab/service
    owner_user: apache
    owner_group: apache
    service: bodhi
    host: "bodhi{{ env_suffix }}.fedoraproject.org"

  - role: zabbix/zabbix_agent
    when: env == "staging"

  - role: push-container-registry
    cert_dest_dir: "/etc/docker/certs.d/registry{{ env_suffix }}.fedoraproject.org"
    cert_src: "{{private}}/files/docker-registry/{{env}}/pki/issued/containerstable.crt"
    key_src: "{{private}}/files/docker-registry/{{env}}/pki/private/containerstable.key"
    certs_group: apache

  - role: rabbit/queue
    username: "bodhi{{ env_suffix }}"
    queue_name: "bodhi{{ env_suffix }}_composer"
    routing_keys: "{{ bodhi_message_routing_keys }}"
    thresholds:
      warning: 10
      critical: 100
    sent_topics: ^org\.fedoraproject\.{{ env_short }}\.bodhi\..*

  - role: rabbit/queue
    username: "bodhi{{ env_suffix }}"
    queue_name: "bodhi{{ env_suffix }}_koji_sync_listener{{ env_suffix }}"
    routing_keys:
      - "io.pagure.*.pagure.issue.edit"
    thresholds:
      warning: 10
      critical: 100

  - role: zabbix/zabbix_agent
    zabbix_server: apache
    zabbix_server_ip: apache
    when: env == "staging"

  tasks:
  - name: create secondary volume dir for stg bodhi
    file: dest=/mnt/koji/vol state=directory owner=apache group=apache mode=0755
    tags: bodhi
    when: env == 'staging'
  - name: create symlink for stg/prod secondary volume
    file: src=/mnt/fedora_koji_prod/koji dest=/mnt/koji/vol/prod state=link
    tags: bodhi
    when: env == 'staging'
  - import_tasks: "{{ tasks_path }}/motd.yml"

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"
